make-binaries: Bump zlib version to 1.2.13

Update zlib to 1.2.13 to address CVE-2022-37434 Also change zlib download to use archive URL so builds do not fail when specified version is no longer the current version
2022-11-16 09:42:36 +00:00 · 2022-11-16 09:42:36 +00:00 · aa8d800577
parent c6513fcfc6
commit aa8d800577
1 changed files with 4 additions and 2 deletions
--- a/tools/make-binaries
+++ b/tools/make-binaries
@ -68,7 +68,7 @@ mix_vsn=$(mix_version "$rel_vsn")
 crosstool_vsn='1.25.0'
 termcap_vsn='1.3.1'
 expat_vsn='2.4.9'
-zlib_vsn='1.2.12'
+zlib_vsn='1.2.13'
 yaml_vsn='0.2.5'
 ssl_vsn='1.1.1q'
 otp_vsn='24.3.4.5'
@ -461,6 +461,8 @@ build_toolchain()
 		cd "$root_dir"
 		create_${arch}_config 'defconfig'
 		ct-ng defconfig
+		sed -i -e "s|^CT_ZLIB_VERSION=.*|CT_ZLIB_VERSION=\"$zlib_vsn\"|" .config
+		sed -i -e 's|^CT_ZLIB_MIRRORS=.*|CT_ZLIB_MIRRORS="https://github.com/madler/zlib/releases/download/v${CT_ZLIB_VERSION} https://www.zlib.net/ https://www.zlib.net/fossils/"|' .config
 		ct-ng build CT_PREFIX="$ct_prefix_dir" CT_JOBS="$ct_jobs"
 		rm -rf '.config' '.build' 'build.log'
 		cd "$OLDPWD"
@ -844,7 +846,7 @@ else
 	curl -LO "http://crosstool-ng.org/download/crosstool-ng/$crosstool_tar"
 	curl -LO "https://ftp.gnu.org/gnu/termcap/$termcap_tar"
 	curl -LO "https://github.com/libexpat/libexpat/releases/download/R_$(printf '%s' "$expat_vsn" | sed 's/\./_/g')/$expat_tar"
-	curl -LO "https://zlib.net/$zlib_tar"
+	curl -LO "https://zlib.net/fossils/$zlib_tar"
 	curl -LO "https://pyyaml.org/download/libyaml/$yaml_tar"
 	curl -LO "https://www.openssl.org/source/$ssl_tar"
 	curl -LO "https://github.com/erlang/otp/releases/download/OTP-$otp_vsn/$otp_tar"